<?php
namespace app\admin\controller;

use app\common\model\AdminIpsModel;
use app\common\model\AdminModel;
use app\common\model\AdminUserLogModel;
use app\common\model\MenuModel;
use think\facade\Request;

/**
 * Common-控制器
 * @author 贺强
 * @time   2019-06-01 10:16:25
 */
class Common extends \think\Controller
{
    protected $admin = null;

    /**
     * 初始化函数
     * @author 贺强
     * @time   2019-03-24 09:48:02
     */
    public function initialize()
    {
        $admin = session('admin');
        if ($admin) {
            $is_ip = (new MenuModel)->getFieldValue('is_hide', ['identity' => 'admin_ips']) ? 0 : 1;
            if ($is_ip) {
                $is_ajax = $this->request->isAjax();
                $is_ip   = (new AdminModel())->getFieldValue('is_ip', ['id' => $admin['id']]);
                if ($is_ip) {
                    $ip = $this->request->ip();
                    $ai = new AdminIpsModel();
                    // 登录IP是否在白名单
                    $count  = $ai->getCount(['ip' => $ip]);
                    $action = $this->request->get('action');
                    if (!$count && empty($action)) {
                        if ($is_ajax) {
                            return ['status' => 40, 'info' => '您无权操作'];
                        }
                        $this->error('您无权访问', url('/71a4d6e847b6214b/login?action=logout'));
                    }
                }
            }
        }
        // 不需要验证的方法
        $no_valid_action = config('NOVERIFY');
        // 不需要验证的方法
        $class  = strtolower($this->request->controller());
        $action = strtolower($this->request->action());
        if (!empty($no_valid_action[$class]) && in_array($action, $no_valid_action[$class])) {
            $this->admin = $this->is_login(0);
            return true;
        }
        $identity = $class . '_' . $action;
        $admin    = $this->is_valid($identity);
        if (!empty($admin['status'])) {
            return $admin;
        }
        $this->admin = $admin;
    }

    /**
     * 空方法
     * @author 贺强
     * @time   2021-03-24 15:36:48
     */
    public function _empty()
    {
        exit('非法操作');
    }

    /**
     * 判断用户是否登录
     */
    protected function is_login($is_url = 1)
    {
        $admin  = session('admin');
        $action = $this->request->get('action');
        if (empty($admin) && empty($action)) {
            if ($this->request->isAjax()) {
                return ['status' => 45, 'info' => '登录超时，请重新登录'];
            }
            if ($is_url) {
                $this->error('登录超时，请重新登录', url('/71a4d6e847b6214b/login'));
            } else {
                return false;
            }
        }
        return $admin;
    }

    /**
     * 判断登录用户是否有权限
     * @author 贺强
     * @date   2018-08-31
     * @param  string     $identity 操作/访问的方法
     */
    public function is_valid($identity)
    {
        $admin = $this->is_login();
        $acts  = config('ACTIONS');
        // 记录操作日志
        if (!empty($acts[$identity])) {
            $log = [
                'username'   => $admin['username'],
                'login_time' => $admin['login_time'],
                'login_ip'   => $admin['login_ip'],
                'action'     => $identity,
                'log'        => $acts[$identity],
            ];
            $aul = new AdminUserLogModel();
            $aul->add($log);
        }
        $is_ajax = $this->request->isAjax();
        // 如果是超级管理员不加权限限制
        if ($admin['role_id'] === 1) {
            return $admin;
        }
        $a     = new AdminModel();
        $model = $a->getModel([['id', '=', $admin['id']]], ['status']);
        if (empty($model) || $model['status'] === 4) {
            if ($is_ajax) {
                return ['status' => 40, 'info' => '您的账号已被禁用'];
            }
            $this->error('您的账号已被禁用', url('/71a4d6e847b6214b/login'));
        }
        // 判断登录账号是否有权限
        if (empty($identity)) {
            if ($is_ajax) {
                return ['status' => 41, 'info' => '您无权访问或操作'];
            }
            $this->error('您无权访问或操作1');
        }
        if (strrpos($identity, '\\') !== false) {
            $identity = substr($identity, strrpos($identity, '\\') + 1);
        }
        $m    = new MenuModel();
        $menu = $m->getModel(['identity' => $identity], 'id');
        if (empty($menu)) {
            if ($is_ajax) {
                return ['status' => 42, 'info' => '您无权访问或操作'];
            }
            $this->error('您无权访问或操作2');
        }
        if (!in_array($menu['id'], $admin['roles'])) {
            if ($is_ajax) {
                return ['status' => 43, 'info' => '您无权访问或操作'];
            }
            if ($identity === 'admin_index_v1') {
                return false;
            }
            $this->error('您无权访问或操作3');
        }
        return $admin;
    }

}
